Hide HTML Source Code

Guest

Hiding HTML source code is possible. It requires JavaScript, but there
is no need to encrypt HTML output or do anything else which would
decrease performance. I discovered this about five years ago, but at
that time it would have been considered bad practice in regards to
cross-browser-compatibility. Now that AJAX has become a programming
standard, the time has come to let this loose on the the public. I
won't tell you how I do it, but I will provide you with a working
example.

Advertisements

wrote:
> Hiding HTML source code is possible. It requires JavaScript, but there
> is no need to encrypt HTML output or do anything else which would
> decrease performance. I discovered this about five years ago, but at
> that time it would have been considered bad practice in regards to
> cross-browser-compatibility. Now that AJAX has become a programming
> standard, the time has come to let this loose on the the public. I
> won't tell you how I do it, but I will provide you with a working
> example.
>
> http://www.smart-cgi.com/api/
>
> If anyone is able to crack this, I would appreciate the feedback.

Guest

On May 29, 3:41 pm, Benjamin Niemann <> wrote:
> wrote:
> > HidingHTMLsourcecodeis possible. It requires JavaScript, but there
> > is no need to encryptHTMLoutput or do anything else which would
> > decrease performance. I discovered this about five years ago, but at
> > that time it would have been considered bad practice in regards to
> > cross-browser-compatibility. Now that AJAX has become a programming
> > standard, the time has come to let this loose on the the public. I
> > won't tell you how I do it, but I will provide you with a working
> > example.
>
> >http://www.smart-cgi.com/api/
>
> > If anyone is able to crack this, I would appreciate the feedback.
>
> http://www.smart-cgi.com/api/rss.php?url=http://rss.news.yahoo.com/rs...
>
> so what?
>
> --
> Benjamin Niemann
> Email: pink at odahoda dot de
> WWW:http://pink.odahoda.de/

wrote:
> Hiding HTML source code is possible. It requires JavaScript, but there
> is no need to encrypt HTML output or do anything else which would
> decrease performance. I discovered this about five years ago, but at
> that time it would have been considered bad practice in regards to
> cross-browser-compatibility. Now that AJAX has become a programming
> standard, the time has come to let this loose on the the public. I
> won't tell you how I do it, but I will provide you with a working
> example.
>
> http://www.smart-cgi.com/api/
>
> If anyone is able to crack this, I would appreciate the feedback.

....
> was ending her public campaign against the Iraq war with an
> angry blast at Democrats, Republicans and "cowardly leaders"
> who have abandoned U.S. troops indefinitely in Iraq.</p><br clear="all"><p></p></div><div name="item" class="item"><h2><a href="http://us.rd.yahoo.com/dailynews/rss/topstories/*http://news.yahoo.com/s/nm/20070529/pl_nm/worldbank_bush_dc">Bush may name World Bank chief this week: WHouse
> (Reuters)</a></h2><div>Tue, 29 May 2007 14:23:32 GMT</div><p></p><p><a href="http://us.rd.yahoo.com/dailynews/rss/topstories/*http://news.yahoo.com/s/nm/20070529/pl_nm/worldbank_bush_dc"><img src="http://d.yimg.com/us.yimg.com/p/nm/20070529/2007_05_29t113836_450x359_us_worldbank_bush.jpg?x=130&amp;y=103&amp;sig=P2DqS2g7bBRVdAf7IbqJVA--" alt="A view of a conference hall during the IMF and World Bank spring meeting in Washington, April 14, 2007. President Bush is likely to announce this week a candidate to replace World Bank President Paul Wolfowitz, who resigned after a storm of criticism over a salary increase for his companion, White House spokesman Tony Snow said on Tuesday. (Yuri Gripas/Reuters)" align="left" border="0" height="103" width="130"></a>Reuters - President George W. Bush is
> likely to announce this week a candidate to replace World Bank
> President Paul Wolfowitz, who resigned after a storm of
> criticism over a salary increase for his companion, White House
> spokesman Tony Snow said on Tuesday.</p><br clear="all"><p></p></div><div name="item" class="item"><h2><a href="http://us.rd.yahoo.com/dailynews/rss/topstories/*http://news.yahoo.com/s/nm/20070529/ts_nm/g8_climate_germany_dc">Merkel, Pelosi say world should unite on climate

wrote:
> On May 29, 3:41 pm, Benjamin Niemann <> wrote:
>> wrote:
>> > HidingHTMLsourcecodeis possible. It requires JavaScript, but there
>> > is no need to encryptHTMLoutput or do anything else which would
>> > decrease performance. I discovered this about five years ago, but at
>> > that time it would have been considered bad practice in regards to
>> > cross-browser-compatibility. Now that AJAX has become a programming
>> > standard, the time has come to let this loose on the the public. I
>> > won't tell you how I do it, but I will provide you with a working
>> > example.
>>
>> >http://www.smart-cgi.com/api/
>>
>> > If anyone is able to crack this, I would appreciate the feedback.
>>
>> http://www.smart-cgi.com/api/rss.php?url=http://rss.news.yahoo.com/rs...
>>
>> so what?
>
> Try this again:
>
>> http://www.smart-cgi.com/api/rss.php?url=http://rss.news.yahoo.com/rss
>
> and no I haven't moved, renamed or changed the output of this page.

wrote:
> Hiding HTML source code is possible. It requires JavaScript, but there
> is no need to encrypt HTML output or do anything else which would
> decrease performance. I discovered this about five years ago, but at
> that time it would have been considered bad practice in regards to
> cross-browser-compatibility. Now that AJAX has become a programming
> standard, the time has come to let this loose on the the public. I
> won't tell you how I do it, but I will provide you with a working
> example.
>
> http://www.smart-cgi.com/api/
>
> If anyone is able to crack this, I would appreciate the feedback.

Firefox's DOM Inspector--from the context menu for the HTML element,
Copy XML to get the following on the Windows clipboard:

What has changed? I don't see a difference.
And even if - we could keep playing this game endlessly.
You have to realize that your approach suffers from the same fundamental
flaw as any other "IP protection": There is *no* way, your script could
reliably differenciate between legitimate and 'bad' requests. It only sees
a stream of incoming octets, which can be arbitrarily forged to mimic
a 'legitimate visitor'.

In article <>,
Harlan Messinger <> wrote:
> wrote:
> > Hiding HTML source code is possible. It requires JavaScript, but there
> > is no need to encrypt HTML output or do anything else which would
> > decrease performance. I discovered this about five years ago, but at
> > that time it would have been considered bad practice in regards to
> > cross-browser-compatibility. Now that AJAX has become a programming
> > standard, the time has come to let this loose on the the public. I
> > won't tell you how I do it, but I will provide you with a working
> > example.
> >
> > http://www.smart-cgi.com/api/
> >
> > If anyone is able to crack this, I would appreciate the feedback.
>
> Firefox's DOM Inspector--from the context menu for the HTML element,
> Copy XML to get the following on the Windows clipboard:
>
> <HTML lang="en" dir="ltr" xml:lang="en"
> xmlns="http://www.w3.org/1999/xhtml">
> <HEAD>
> <SCRIPT type="text/javascript" src="./js.js"/>
> <TITLE>
> Smart-CGI.com </TITL ...

etc

On FF 2.0.0.3 on Mac, this technique gets only this on the Mac
clipboard:

Share This Page

Welcome to The Coding Forums!

Welcome to the Coding Forums, the place to chat about anything related to programming and coding languages.

Please join our friendly community by clicking the button below - it only takes a few seconds and is totally free. You'll be able to ask questions about coding or chat with the community and help others.
Sign up now!